AGENTFORCE-30.1: Context Window PII Poisoning (Graph)
🚨 Critical · Graph: PII Exfiltration Path
[Enterprise] Performs 4-hop graph traversal to prove regulated data (PII/PHI/GDPR/HIPAA/PCI) travels from a classified CustomField through an Apex query, agent action invocation, and into an LLM PromptTemplate context window. Standard SAST cannot detect this chain.
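The chain described above can be sketched as a typed path search over a metadata graph. This is an added example, not SquireX's implementation: the node kinds, the compliance tags, and every component name below are constructed for illustration.

```python
# Constructed metadata graph: node -> (kind, compliance tags). All names are hypothetical.
NODES = {
    "Patient__c.SSN__c":      ("CustomField", {"PII", "HIPAA"}),
    "Patient__c.Nickname__c": ("CustomField", set()),
    "PatientLookup.cls":      ("ApexQuery", set()),
    "GreetingHelper.cls":     ("ApexQuery", set()),
    "Audit_Export_Job":       ("ApexQuery", set()),
    "Get_Patient_Summary":    ("AgentAction", set()),
    "Patient_Summary_Prompt": ("PromptTemplate", set()),
}
# Directed data-flow edges: the key feeds each listed target.
EDGES = {
    "Patient__c.SSN__c":      ["PatientLookup.cls", "Audit_Export_Job"],
    "Patient__c.Nickname__c": ["GreetingHelper.cls"],
    "PatientLookup.cls":      ["Get_Patient_Summary"],
    "GreetingHelper.cls":     ["Get_Patient_Summary"],
    "Get_Patient_Summary":    ["Patient_Summary_Prompt"],
}
# The four stages named in the rule description, in order.
CHAIN = ["CustomField", "ApexQuery", "AgentAction", "PromptTemplate"]


def find_pii_paths(nodes, edges, chain=CHAIN):
    """Return every path whose node kinds match `chain` in order and whose
    first node (the field) carries at least one compliance tag."""
    findings = []

    def walk(path):
        if len(path) == len(chain):
            findings.append(path)
            return
        for nxt in edges.get(path[-1], []):
            # Follow an edge only if it leads to the next expected stage.
            if nxt in nodes and nodes[nxt][0] == chain[len(path)]:
                walk(path + [nxt])

    for name, (kind, tags) in nodes.items():
        if kind == chain[0] and tags:  # start only from classified fields
            walk([name])
    return findings


if __name__ == "__main__":
    for p in find_pii_paths(NODES, EDGES):
        print(" -> ".join(p), sorted(NODES[p[0]][1]))
```

No single component is a finding when viewed alone: the unclassified field reaches the same prompt template without a match, and the classified field feeding `Audit_Export_Job` never reaches an agent action.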
Details
| Field | Value |
|---|---|
| Rule ID | AGENTFORCE-30.1 |
| Severity | Critical |
| Category | Graph: PII Exfiltration Path |
| Compliance | HIPAA, PCI_DSS, EU_AI_ACT_HIGH_RISK |
Remediation
Refer to the SquireX documentation for remediation guidance specific to AGENTFORCE-30.1.